Shodan has turned up half a million D-Link devices exposed to the internet, and subject to easy hijacking using zero-day vulnerabilities.

The stack overflow vulnerabilities affect more than 120 D-Link products, from Wi-Fi cameras to routers and modems, and allow remote attackers to completely hijack the administer account of the devices to install backdoors and intercept traffic.

D-Link has been contacted for comment.

It takes only one command to exploit the flaw, according to Senrio researchers who published a proof-of-concept that changed administrator passwords.

“… the Senrio research team discovered and exploited a remote code execution vulnerability in the latest firmware of the D-Link DCS-930L Network Cloud Camera,” the researchers say.

“While the thought of strangers watching your sleeping baby is disturbing, the implications for enterprise and infrastructure environments are downright scary.”

Almost 140,000 of the devices are located in the US, with 23,442 in Canada, and 20,982 in Sweden.

Computer Articles and Posts

Antivirus provider ESET released a report on Tuesday stating that its researchers have discovered malicious code residing within advertisements that are currently in rotation on many “reputable” news [...]

Sony released firmware updates to remove the accounts that could give hackers full access to the cameras
Many network security cameras made by Sony could be taken over by hackers and infected with [...]